Very basic interface question
-
Hello all,
My apologies for the very basic question here, I'm brand spanking new to PFsense and feeling a bit lost. I want to set specific interface assignments (Static IP, DHCP servers, VLANs, firewall rules between interfaces, etc) and would appreciate some help.
I've run through the inital setup wizard and am able to play around in the GUI. I want to set specific configurations on each of my LAN interfaces instead of leaving them in a generic switch configuration.
However I only see WAN and LAN interfaces in the Interface Assignments page, and no option to add more interfaces. I see a warning stating that members of a lagg will not be shown in interface assignment, but there's no configuration of any kind under the LAGG tab.
What am I missing? I'm used to Fortinet gear and would typically have to remove the interfaces from being in the generic switch group to accomplish something similar, but I'm not seeing that here.
Thanks so much for any help!
-
-
I'm trying to create physical interfaces first, then will create VLANs for some of the interfaces. I don't have the option / button to add new interfaces in the Interfaces Assignments tab.
There's just the WAN and LAN interfaces. I have an option to Delete the LAN interface. Plus a Save button. There is no green Add button, like in your screenshot.
-
What hardware do you have ?
-
A Netgate 2100. 4 LAN ports and a WAN.
-
-
Is there a way to change them from switch to network?
-
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/switch-overview.html
-
@bugman yeah can for sure assign ports from the switch to specific vlans..
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-2100/switch-overview.html
-
@NogBadTheBad - quicker than me ;)
-
Thanks for the guide, fellas! I really appreciate it.
I have to say, though...That was not intuitive! Gotta create a VLAN and navigate through half a dozen submenus just to create a port with a static IP.
-
@bugman well yeah its a switch, so only way to do it is via vlan..
If you had discrete interfaces ;) I personally see no point to switch ports on a router.. Give me discrete all the time.. I have a sg4860 at home..
But I have to say the switch ports in the 3100 did come in a bit handy in one of the setups I have at one of our remote offices.. Saved me from having to use a switch ;) So depending on your needs or requirements.. But in general I would choose interfaces over switch ports any day for my router..
-
I'm stumped yet again. How do I enable trunking on an interface? I want one of my ports to allow multiple VLANs, while another port doesn't have tagged traffic coming into it.
When I try to assign a VLAN to a specific port in Interface Assignment I get the error:
This Switch port is already in used by another interface. -
@bugman you need to edit the switch ports to carry what vlans you want.. Tagged or untagged you can have as many vlans you want on a port. Only 1 vlan can be untagged though, all others would need to be tagged.
-
@bugman said in Very basic interface question:
When I try to assign a VLAN to a specific port in Interface Assignment I get the error:
This Switch port is already in used by another interface.That setting in the main interface config does not configure the switch. Instead that is used to have the VLAN interface status reflect the port status. So for example if you have a VLAN assign as OPT1 and the switch is configured to have port 4 as an access port for that VLAN, you can set port 4 there so that OPT shows as DOWN when port 4 is disconnected.
What you need to do to trunk a VLAN to a port is set that in the switch config. Like:
That will make a VLAN created in LAN, mvneta1.100, available tagged on port 4.
You need to be sure to set in the internal port, 5, also tagged as shown there for all VLANs you need.
Steve
